tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Non-root tun-over-ssh?

Hmm- reading both of those things makes me a bit ... squiggly.

"I just want to do ssh -w0:0 as a non-root user and worry about the rest later."

What you're talking about is a (user/UUID)-specific abstracted
object->network layer that all your applications can flow through,
which AFAIK has only been weakly conceptualized and barely implemented
in even the most esoteric Plan-9 kinds of operating systems.
Feel like inventing something?


On Mon, Sep 19, 2011 at 8:04 PM, John Klos <> wrote:
>> Maybe I'm missing something- or maybe two things.
>> OpenSSH "tunnels" are app-level things, and have nothing to do with
>> the tun interface.
> You're right that the most common use of ssh for tunnels are for individual
> ports, but OpenSSH also has the ability to set up a point-to-point tunnel.
> You can read more about it here:
> and here:
> It works well and lets me get real IPv6 wherever I go, plus in some places I
> route using real public IPs which can be used to present services, do NAT,
> et cetera.
>> And ideally, the routing table should be untouched as well.
>> This requires either apps that have flexible connection settings (most
>> do) or the use of a tcpwrapper/netcat kind of program.
> The creation of tun0 (or tun whatever number) doesn't touch the routing
> table, but making tun0 useful does. I just want to do ssh -w0:0 as a
> non-root user and worry about the rest later.
>> If this is not what you want at all, and you're talking about what I
>> think you might be, then OpenVPN is the solution :)
> Hmmm... Looks interesting. I'll have to play with it.
> Thanks,
> John

Home | Main Index | Thread Index | Old Index